The Lexington (S.C.) School District Two was hit with a speakphishing email attack in late January that may have exposed the W-2 information of current and former school district staffers.
How many victims? Approximately 1,300 patients were affected by the breach.
What type of information? The breach included all the usual data found on a W-2 tax form and affected anyone who worked for and received a paycheck the school district during 2016. No students are involved.
What happened? On January 26 a district employee received a spearphishing email that used social engineering to make it appear as if the attacker was an authorized district worker who was asking for the information. So far the compromised personal information has not been misused, the district reported.
What was the response? The district has notified those potentially involved and is working with local law enforcement. In addition, the school's IT department is working to determine exactly how the attack took place. The district is also recommending those possibly impacted to obtain credit monitoring and to change their passwords.
Quote: “While we have no evidence that any of your personal information has been misused in any manner, we are taking appropriate precautionary measures to ensure your financial security and help alleviate concerns you may have.”